Futaba _ Webs πΈπΈππΈπΈ
LAN Turtle πΈπΈππΈπΈ
Today, I'm going to show you how to make your own custom LAN turtle Rubber Ducky using Arduino. This is going to simulate connecting the target system back to a server side, much like a meterpreter shell, so that we can pipe over commands on our end and control the target system.
π Article π Glossary π Catalog π Home π Search Modeπ Article Glossary
πΈ Synopsis πΈ
Today, I'm going to talk more about ransomware attacks and how to prevent them. This is to raise more awareness on proper Cyber Security data Hygiene methods, as well as other techniques that can be used to prevent any real damage should this attack connect. This article is also going to feature some of my formal QA answers from a recent interview I did most recently.
πΈ Article Topics πΈ
I'll be discussing the following topics in order: π Premise π What is Session Hijacking? π What are COOKIES? You can click on any of the topics to simply check that one out if it interests you! NOTE: Articles are read from LEFT to RIGHT via 2 columns! Read the first column all the way down and then move to the next one!
πΈ Key Links πΈ
Here's a quick run down on all the main links that are in the article in case you want to check them out first. π LinkedIn Version π Patreon Version π YouTube LIVE Demo π Physical LIVE Demo π TCP Server Backdoor Script π Link to board π Link to json file for board π Link to Arduino IDE: (USE THE 2.O OR HIGHER ONE!!!)
π LAN Turtle
Premise πΈπΈππΈπΈ
The two scripts that are going to be used are the ones from the previous article on "How to Botnet". The client side is going to be integrated with Arduino, where it will will write its own code live and connect back to the server, whereas the server side, the python script, is going to sit in a listening state on the system, waiting for the client to connect to it so it can be fed instructions from the client side to control the system. Traditionally you always want to have the server sitting on the victim system so that you can connect and interact with it, but nowadays making your back-doors peer to peer is actually best because it allows your setup to be more versatile. For safety purposes, it's just going to connect back and that's it, nothing else! The real version that is unsafe to use stays with me.
Sadly, this is one of those projects that you NEED to have the right equipment for to pull off, but you can still follow along the 2 demonstration videos here. One, that shows the code being automated, and then another, of me connecting it live in front of you as proof it works.
π YouTube LIVE Demo π Physical LIVE Demo π TCP Server Backdoor Script π Link to board π Link to json file for board π Link to Arduino IDE: (USE THE 2.O OR HIGHER ONE!!!)What is a Rubber Ducky? πΈπΈππΈπΈ
A rubber ducky is a keyboard injection exploit that uses pre-rendered keystrokes via virtual keyboard in order to inject a series of commands and payloads that infect the system in a variety of ways. It does this by communicating with the virtual keyboard on the kernel layer of your operating system. This allows it to mimic and control the system as if it were an actual person.
Think of it like if I were to program it to write out this whole articles in front of you in a matter of seconds. You can do all sorts of stuff: pop open shells, run scripts, have it write it's own code and then execute it, log into accounts, botnet a system, even serve as a form of retro malware or a bruteforcer tool if you wanted to.
Why is it called a Rubber Ducky? πΈπΈππΈπΈ
It's commonly known as a rubber ducky due to its innocent-like appearance. The goal of it typically is to insert it manually, OR, have someone pick it up and connect it to a USB port on a system, triggering it to go off. There are many ways to create one, but for today, we are going to do it using the Arduino libraries "keyboard" module to get this up and running.
Sadly at the time of making this I had to do more work than necessary since I didn't have storage means to load my code when it connects... SOOO..... I HAD IT WRITE IT'S OWN CODE LIVE. It's actually more impressive when you see the code write itself live in front of you.
Before we start this, let's go over some of the main key functions so that you understand what is going on.
If you like to see the more advanced version of this article that talks about methods that can be used to mitigate, as well as any videos included, SUBSCRIBE TO MY PATREON CYBER SECURITY TIER!
If you enjoyed this post give it a thumbs up! Iβll be keeping track of whose reacting from now on as there is a βspecialβ reason for it. Just know the more you support my content the more there is in stored!
- The Hacker Who Laughs πΈπΈππΈπΈ
